April 07, 2014 10:00AM
Staying ahead of OpenSSL vulnerabilities
TLS
Bugs
OpenSSL
Vulnerabilities
Reliability
Security
SSL
Today a new vulnerability was announced in OpenSSL 1.0.1 that allows an attacker to reveal up to 64kB of memory to a connected client or server (CVE-2014-0160). We fixed this vulnerability last week before it was made public....
March 11, 2014 5:00PM
The Web's Silver Jubilee
History
spdy
TLS
SSL
Security
No matter what your age, it's hard to believe that the World-Wide Web is 25 today. For the young the web has always been part of their lives, for the older it seems like it was invented only yesterday....
March 10, 2014 4:30PM
ECDSA: The digital signature algorithm of a better internet
TLS
HTTPS
Crypto
Elliptic Curves
RSA
Security
This blog post is dedicated to the memory of Dr. Scott Vanstone, popularizer of elliptic curve cryptography and inventor of the ECDSA algorithm. He passed away on March 2, 2014....
February 14, 2014 1:00AM
Introducing Strict SSL: Protecting Against a On-Path Attack on Origin Traffic
TLS
HTTPS
Crypto
Encryption
SSL
Security
At CloudFlare, we are always looking for ways to improve the security of our customers’ websites. One of the features we provide is the ability to serve their website encrypted over SSL/TLS....
December 26, 2013 5:00PM
Using CloudFlare to mix domain sharding and SPDY
TLS
Google
Chrome
spdy
Speed & Reliability
Security
It’s common knowledge that domain sharding, where the resources in a web page are shared across different domains (or subdomains), is a good thing....
November 21, 2013 9:00AM
Red October: CloudFlare’s Open Source Implementation of the Two-Man Rule
At CloudFlare, we are always looking for better ways to secure the data we’re entrusted with. This means hardening our system against outside threats such as hackers, but it also means protecting against insider threats....